• You are here:  
  • Home
  • Q&A
  • Q&A
  • InfoMaker
  • Apache Log4j2 Remote Code Execution Vulnerability (CVE-2021-44228) and Powerbuilder/Infomaker

Subscribe via RSS
Toggle Submenu
  1. Categories
  2. Recent
  3. Tags
View Replies (3)

Resolved Apache Log4j2 Remote Code Execution Vulnerability (CVE-2021-44228) and Powerbuilder/Infomaker

  1. Advice
0
Votes
Undo
  1. Pierre DETE
    Pierre DETE
  2. InfoMaker
  3. Wednesday, 15 December 2021 17:07 PM UTC

Hi PB users,

With the new Security Bulletin: Apache Log4j2 Remote Code Execution Vulnerability (CVE-2021-44228) we start to answer our customers that they are not affected by our applications because we only use classic Powerbuilder branch and we don't deliver any version of log4j.

We don't have much information about Infomaker part. I suppose it's the same technical scope and that this vulnerability does not affect Infomaker users. Isn't it?

Thanks for your advice.

Pierre.

 

  1. Apache
  2. Security
Infomaker database
InfoMaker Form bug
Responses (3)
Sivaprakash BKR
Sivaprakash BKR Accepted Answer Pending Moderation
  1. Thursday, 16 December 2021 08:07 AM UTC
  2. InfoMaker
  3. # 1

Hello,

Hope the presence of this Log4j.jar file itself won't be an issue, till we use the same in one of our application(s), in both development and deployment environment.

Happiness Always
BKR Sivaprakash

 

Comment
Armeen Mazda @Appeon
  1. Armeen Mazda @Appeon
  2. Thursday, 16 December 2021 16:36 PM UTC
The Apache Log4j Website doesn't mention anything about the presence being an issue, but still I would delete it just be super safe.
  1. Helpful
Sivaprakash BKR
  1. Sivaprakash BKR
  2. Friday, 17 December 2021 11:13 AM UTC
Thanks Armeen.
  1. Helpful
There are no comments made yet.
Pierre DETE
Pierre DETE Accepted Answer Pending Moderation
  1. Thursday, 16 December 2021 06:57 AM UTC
  2. InfoMaker
  3. # 2

Hi Armeen,

Thank you for your quick response, we will be able to fully reassure our customers.

 

Pierre

Comment
Armeen Mazda @Appeon
  1. Armeen Mazda @Appeon
  2. Thursday, 16 December 2021 07:25 AM UTC
You’re very welcome.
  1. Helpful
There are no comments made yet.
Armeen Mazda @Appeon
Armeen Mazda @Appeon Accepted Answer Pending Moderation
  1. Wednesday, 15 December 2021 19:26 PM UTC
  2. InfoMaker
  3. # 3

Hi Pierre, InfoMaker is not affected by Log4j otherwise we would have issued security bulletin for InfoMaker.  If you are not distributing the Log4j .JAR file to your customers then your customers don't need to worry about Log4j issue being caused by the PowerBuilder app.

Best regards,
Armeen  

Comment
There are no comments made yet.
  • Page :
  • 1


There are no replies made for this question yet.
However, you are not allowed to reply to this question.